The US Department of Defense published a proposed rule and solicited public feedback for the Cybersecurity Maturity Model Certification (CMMC) program.
The primary objective of the CMMC program is to establish a mechanism for evaluating whether defense contractors and subcontractors have successfully implemented the necessary security measures to safeguard controlled unclassified information (CUI) and federal contract information (FCI). At the moment, the DoD requires contractors and subcontractors to put the security measures in place.
The CMMC program requires three levels of cybersecurity assessments: level 1 covers the fundamental protection of FCI, level 2 covers the general protection of CUI, and level 3 addresses advanced persistent threat mitigation.
Read More: Pentagon Wants Feedback on Revised Cybersecurity Maturity Model Certification Program
For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.